Clusters, Clouds and the Future of Storage

It’s in the clouds. For example, Cloudbank appliances from Pivot3 are the hardware platform for the its serverless computing product line. Each Cloudbank includes additional CPU, RAM, and network resources and can simultaneously run NVR applications that have access to the complete underlying High-Definition Storage SAN.

In the next few years, visionaries such as John Honovich believe there will be a significant transition away from digital video recorders (DVR) and network video recorders (NVR) to be replaced by clustered storage that communicates with servers over an IP network. The economics are becoming very attractive for such a move, especially in larger scale deployments, wrote Honovich in an IP Video Market posting.

Many new believe that the future of security video storage is in the clouds – outsourcing storage, retrieval and some intelligence to a third party through the Internet. Cloud computing could eliminate much of the on-site hardware and software.

Then there are those folks who see storage growing dramatically. Say hello to the petabyte, a unit of information or computer storage equal to one quadrillion bytes, or 1024 terabytes. Google processes about 20 petabytes of data a day, for example.

Right now, however, the more common business choice is between DVRs and NVRs.

LARGE INSTALLATION NEEDS

One rule of thumb is that the larger the installation, the more cost-effective networked video with NVRs or server farms may be. Once you start getting into a larger system and more geographically spaced buildings, like office campuses and educational campuses, you start running into issues like, What if I have to add a user name and password and touch each of my digital recorders to put this user name in?

In situations like that, networked digital recording becomes more practical. Where technology is new, security leaders should aim for the best of the best. At the same time, DVRs have made a lot of advancements, too. A DVR is a big storage device that stores lots of data, and the data is video. You can search and perform queries and so many other things, but at the very core of it, it’s just a library of files. An NVR takes the stream directly from the IP camera and archives it, because the cameras are already putting out a JPEG or MPEG, so there’s no need to perform a compression at the NVR side. So in essence as far as integrating, NVRs are almost identical to DVRs except they don’t have a capture board for analog video.

DVRs have BNC connectors for analog cameras, whereas NVRs use Ethernet cable, although hybrid devices and systems can combine both.

Despite the trend towards networking, not all systems need networks. For some applications, DVRs are the simple and direct solution. DVRs are going to be around for a long time because the vast majority of people don’t have a network infrastructure they can rely on. Most users want to simply record good video and view it when they need to. Many people don’t want a PC running software because of the extra cost. And even if they have an existing PC, it may not be powerful enough to handle the graphics.

Between the choices, there is a matter of reliability.

COST FACTORS

An NVR provides more programming flexibility and generally less reliability than an embedded system, which is self-contained, in one site and often more cost-effective than an NVR. NVR systems tend to have benefits if security has multiple sites and locations, and they’re spread out and you want to do remote access and retrieval on a regular basis, or bring data back to a central location. Memory capacity is no longer an issue between DVRs and NVRs.

Sometimes the decision of whether to install a DVR or an NVR is determined by equipment already installed at a location, for example, the type of cable. Typically, if coaxial cable exists in a facility, the business decision is the DVR. And if coax does not exist, then the business decision may be more likely a NVR.

For example, on a large VCR installation where there’s a lot of existing coax cable, there’s a significant expense in redoing the infrastructure, so a lot of large VCR installations leverage their existing coax and install DVRs. For a new installation, it’s the NVR, and software that can talk to both DVRs and NVRs.

Open architecture video gear can connect with other companies’ servers, even those not in the security industry. The disadvantage of this approach is that if a problem develops, the security supplier may not take responsibility for the whole system as it would for its own equipment. Video files are so large that what’s happening is a lot of installations that use existing servers that are in place have a difficult time keeping up with the demands of video requests.

Still, the trend is network-based solutions using dedicated servers to handle the video, because it’s not about storing, it’s about storing and retrieving when needed. There are other considerations when using server farms. Sometimes IT departments do not want to lose bandwidth on their networks to video, although centralized video storage may be less expensive to buy. For instance, if you have 100 DVRs and each has 100GB of storage, that’s 10TB. It’s cheaper to buy a single 10TB storage box than a whole bunch of individual ones. However, IT or security staff will have to maintain and monitor the equipment and keep it upgraded. That will add to the cost that 10TB storage box.

THIRD PARTY STORAGE

Server farms were a popular idea back in the dot-com bubble, but what we’re seeing more and more of is being able to integrate into third-party storage such as a network-attached storage (NAS) or a direct attached storage (DAS), so they can share storage and in a sense back each other up.

The ultimate decision about whether to use a DVR or an NVR should be made only after considering all aspects of the installation and enterprise. Consider:

Need to use any existing analog cameras and associated cabling.

Ability to use existing cable infrastructure, network cables and hardware.

Speed of existing network configuration.

Knowledge and skills of your technicians in networking.

Size and availability of network storage devices.

Future expansion needs.

Overall system cost.

The final and most important consideration whenever you are considering a venture into any digital video system that includes network interconnectivity is the cooperation of the IT department. If you have a network-knowledgeable person from your staff participate in these discussions, it is helpful.

SIDEBAR: Hybrid May Suit Today’s Needs

Some digital video recorders (DVRs) include network communication capability along with regular analog camera inputs. There’s a real trend now to a hybrid-type combination of the traditional DVR which can also record some IP-type streams, so you don’t have to add a whole separate IP solution. The DVR portion gives you a sense of security. It also can be distributed out, but there’s local recording there. If you lose your network connection, then you don’t lose your video.

Some enterprises, those which would tend toward IP systems, are using remote access and no longer just using the output directly from the NVR or DVR. They are not connecting the monitor directly to the device but tucking them in a closet or server room and using remote software to manage the entire system or watch the entire system.

SIDEBAR: What’s an IDS?

The problems of securing data networks are constantly changing and growing, as three forces converge: The value of network data becomes more important, more machines and users (local and remote) are added to networks, and attackers become more sophisticated in their approaches.

IT administrators need to be able to monitor the various types of activities on their networks. The installation of an IDS (intrusion detection system) is a common network defense. IDS software is installed in computers, which are connected at particular points on a network.

The IDS software is programmed to monitor data traffic, looking for specific types of packets or communications that may indicate either hacker activity or the unauthorized transference of data files. Remember that the data leaving a network is a major concern, as your enterprise's intellectual assets and business information may be flying out of the LAN to a competitor or system hacker.

So the IDS system needs to receive and review data traffic going into and out of specific points in the network. This is typically accomplished using “port mirroring,” where network switches, which usually only send packets to the machines to which the data is addressed, can be programmed to send all traffic going through specific hardware ports to another one, which is then connected to the IDS computer.

How does IDS affect IP physical security installations? If IP-enabled security devices are monitored by an IDS, security must check with the IT department to ensure that normal network communications between authorized users and physical security devices does not trigger a false alarm from the IDS.

SIDEBAR: Beyond the Basic Functions

A DVR performs more tasks than simply recording the images. When recording the DVR digitizes the analog images, compresses them, performs video motion detection, and controls the recording rate/resolution based upon the initial program, time, and activity. On playback it converts the digital images to an analog output that can be displayed on a standard video monitor. All of this activity takes a considerable amount of computer processing power and requires constant disk activity. The network connection a DVR uses is for remote viewing or administration, either with a proprietary software or standard Web browser.

The NVR is strictly a digital device. It is designed to connect to other digital devices to provide a video system that offers many more benefits than traditional analog systems, without sacrificing functionality. A variation on the NVR is a hybrid NVR, which incorporates all of the features of a standard NVR but also has connections for analog cameras. This may be a good choice if you need to use existing analog cameras but want to have the ability to connect IP cameras, as well. Operationally an NVR system moves most of the image processing functions to the camera, which accounts for the higher price of an IP camera. Moving this processing to the camera can significantly reduce the required network bandwidth, because the camera can be programmed to only transmit video when necessary or transmit video at a low frame rate unless a specific event occurs.

SIDEBAR: A Cluster Approach

The alphabet soup of security video storage just got another term – IP SAN or storage area network. A SAN is a high-speed special-purpose network (or subnetwork) that interconnects different kinds of data storage devices with associated data servers on behalf of a larger network of users. Typically, a storage area network is part of the overall network of computing resources for an enterprise. A storage area network is usually clustered in close proximity to other computing resources but may also extend to remote locations for backup and archival storage, using wide area network carrier technologies.

Firms such as Intransa (San Jose, Calif.) and Pivot3 (Spring, Tex.) now offer alternatives to DVRs and NVRs.

According to Lee Caswell of Pivot3, a product trend is a migration to shared storage, or storage area networks. “Because this industry is so attentive to costs, it has used standalone direct attached storage (DAS) RAIDs that are cheap but hard to scale. Similar to the way that desktop DAISY printers disappeared once a network printer hit the right price point (and had a bigger paper tray and more reliability), these standalone RAIDs will go away now that IP SANs offer better availability, bandwidth and capacity at the same cost.”

RAIDs or redundant array of independent disks refers to a hard disk technology which can be used to speed up data transfer and/or provide disk redundancy through disk system fault tolerance. RAID provides these features by using more than one hard disk at a time, there are several variations of a RAID configuration referred to as levels.

The new IP SAN approach also involves the application of virtualization technology to reduce cost still further. Serverless computing is the first use of virtualization technology to directly address the most expensive part of surveillance deployments, namely the server/storage platforms. By using virtualization technologies, server and storage resources are consolidated into a single platform for reductions in cost, power, cooling and rack space.

Did you enjoy this article? Click here to subscribe to Security Magazine.

Events

The tragedy of the United States domestic violence situation is impossible to quantify. There is both a sordid history and an on-going crisis; a crisis that has become normalized. Since 2000, approximately more than 20,000 women have been murdered by domestic partners, or "family terrorists".

Products

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

Consolidation and technological advances are changing the face of the guarding industry. How will this affect enterprise security leaders? Learn more about changes to the security officer services industry as well as the Top Guarding Firms Listing in the December 2016 edition. Also in this issue: a new financial focus on cybersecurity, what to do in your first three months as a new CSO, the ostrich style of security management, and more.